__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Wednesday 02 August 2006 11:14 \__
> My inbox was filled this morning with messages from a legitimate mail
> server that serves a group of my colleagues, saying that someone was
> spamming them in my name. One such message for each spam message sent.
> How did the spammers get my email address? One possibility is someone
> I correspond with whose Windows machine has been compromised and whose
> address book has been sold to spammers.
Yes, that's just what happens in reality. Be sure to tell
people that keeping their E-mail address undisclosed is
insufficient, as awkward as their mail alias may be. It's
enough to have one friend/correspondent whose Windows
machine gets compromised. The addresses can be pulled from
E-mail archives (folders) or the address book. Whether the
botmaster pulls the addressbook and sells it (i.e. adds it
to a CD and distributes), I don't know. But the spammer can
script a routine that will send SPAM to everyone who is in
the address book of the compromised O/S (being the easier
implementational choice). This opens the door to doubts,
e.g. shall I give person X my E-mail address? Can this
person manage to escape hijacking? Mind you, a recent study
suggested the following:
,----[ Quote ]
| Nearly all of the Internet-connected computers that send e-mail
| are controlled by spammers, according to companies that track
| e-mail reputations.
More than 95% of e-mail is 'junk'
,----[ Quote ]
| More than 95% of e-mail is junk, be it spam, error messages or
| viruses, report mail monitoring firms.
| Further work has shown that most of this junk mail is originating
| on hijacked home computers.
| E-mail security firm Return Path said 99% of the computers it monitors
| that send mail have been taken over by spammers or virus writers.
I might just close my E-mail accounts soon. It too much to bear. I already
closed my blogs so that they permit no comments and pingbacks. Forums are no
longer open for signups. Apparently it's possible to get along without
GNU/Linux is beautiful. < http://youtube.com/watch?v=lawkc3jH3ws >
http://Schestowitz.com | GNU/Linux | PGP-Key: 0x74572E8E
Swap: 1036184k total, 420072k used, 616112k free, 62888k cached
http://iuron.com - next generation of search paradigms